A whole pile of new vulnerabilities including remote code exploit were revealed against specific models about 3 weeks ago; I had not heard of any exploits, but, ...
Which is why the models and IOS versions would be very useful. On Mon, Apr 13, 2015 at 2:59 PM, Rashed Alwarrag <rali.ah...@gmail.com> wrote: > Still I don't have full information from them as it has been reported by > different customers and all almost in the same time , I am trying to get > some information about , I was just checking if there is known > vulnerability has been announced recently regarding this > > Thanks you guys > > > On Tuesday, April 14, 2015, Nick Hilliard <n...@foobar.org> wrote: > > > On 13/04/2015 23:48, Rashed Alwarrag wrote: > > > It's reported by different customers in different locations so I don't > > > think it's password compromised > > > > Have you checked? If the routers had vty access open (ssh or telnet) and > > the passwords were easy to guess, then it's more likely that this was a > > password compromise. You can test this out by getting a copy of one of > the > > configs and decrypting the access password. Or by asking your customers > > whether their passwords were dictionary or simple words. > > > > It's possible that there was a remotely accessible vulnerability, but ios > > isn't known for this. > > > > Nick > > > > > > > > -- > > *Rashed Alwarrag * > -- -george william herbert george.herb...@gmail.com
